Bitcointingency: An Economics of Indeterminacy

This article originally appeared on the Weird Economies website in February 2022. Many thanks to them for letting us republish it here.

Introduction: Tragedy Of The Communications

“Information long ago broke through the truth barrier and moved into the hyperspace where things are neither true nor false, since everything in the realm of information depends on instantaneous credibility. Or, to put it more accurately, information is truer than true since it is true in real time — this is why it is fundamentally uncertain. Or again, to draw on Mandelbrot’s recent theory we can say that things in the information space or the historical space, like those in fractal space, are no longer one-, two- or three-dimensional: they float in some intermediate dimension. We no longer have any standards of truth or objectivity, but a scale of probability.”

J. Baudrillard (translated by Chris Turner), Information at the Meteorological Stage, in Screened Out, Verso Books, 2002.

The present cultural moment is characterised by uncertainty, intemperance and abstraction. It was only a matter of time before a value form emerged that reflects the values of our accelerating present. Cryptocurrencies may be approached conceptually as: communication networks, scarcity-based economic systems, strange attractors, externality engines, and time machines. A widely replicated, append-only data structure sometimes known as a ‘timechain’ (also referred to as a ‘blockchain’) affords a high degree of assurance that the network will continue to respect a particular set of transaction orderings. When these priorly ordained ordinalities (‘blocks’) are chained together, they collectively manifest a canonical historicity. Bitcoin reaches network-wide agreement over the state of its accounting ledger in a peer-to-peer manner by employing a thermoeconomic (thermodynamic-economic) mechanism known as proof-of-work. 

As Bitcoin’s usage increased over time, it became apparent that protocol-mandated network specifications gave rise to technical, socio-political, ecological, and economic constraints unintended by the system design. In many ways, Bitcoin is a weird economy reified, with features signalling notable onto-epistemic departures from all antecedent financial systems. It is the aim of this article to explore a number of these xenoeconomic characteristics using the lenses of temporality, thermodynamicity, libidinity, and indeterminacy.

Chronaissance: A Clock That Cannot Tell The Time

“Bitcoin is at its heart a distributed system whose goal is to achieve a leaderless consensus as to the ordinality of a series of occurrences. Bitcoin is a decentralised timestamping server, and the transactions are simply messages changing the effective balances that each network participant has access to. Bitcoin is an abstract timekeeping daemon manifested from cryptography and thermodynamics. Welcome to the chronaissance.”
W. Z. Alsindi, Reminiscences of A Clock Operator (edited), Temporal Secessionism Timezone#4 Sourcebook, 2021.

Bitcoin’s timechain provides a quantised temporal framework with which transcendental idealists, physicists, and network scientists alike may propose and test grand speculations. Crucial, but often overlooked, is the incommensurability of the dual temporalities extant within the Bitcoin network: a continuous mode exists where nodes propose transactions in ‘real-time’ and a discrete mode ticks to the sequential rhythm of confirmed blocks. Proof-of-work is the transcendental mechanism which leaderlessly transmutes continuous time into strictly sequenced batches of confirmed transactions. Despite this bidurationality, Bitcoin does not possess an endogenous mechanism to access the clock-time that humans live by. The network relies on proof-of-work participants (also known as ‘miners’) including temporal attestations inside their proposed blocks, embedding temporal asymmetries in the heart of cryptocurrency system logics. Consequences of this durational inequality include network vulnerabilities such as 51% attacks and time-warp attacks, which are discussed below. For more on temporal idiosyncrasies in Bitcoin, see the recent Reminiscences of a Clock Operator article. 

Thermocapitalism: Cryptography, Energy & Desire

The cryptography that undergirds Bitcoin’s security — and, therefore, its value proposition — is little more than brute-force mathematics. Large numbers and small probabilities can never provide complete assurance as to the safety of secrets over time. A faster computer can bring an ‘intractable’ calculation within reach, in essence making cryptography a continually escalating dark forest scenario between attackers and defenders with no status quo possible. This probabilistic deniability is the basis of Bitcoin’s technical construction: public-key cryptography, elliptic curve signature algorithms, and hash functions generate public keys (addresses) from private keys (passwords), and create the strings of data that miners generate when searching for candidate blocks (hashing). Though still in its infancy, quantum computing advances may soon produce devices sufficiently sophisticated to perform quantum search functions such as Shor’s and Grover’s algorithms. These operations provide exponential speed improvements over their classical counterparts, possibly emperiling some hitherto ‘safe’ cryptographic systems. If ‘one-way’ cryptographic functions can be reversed, attackers would be able to derive private keys (passwords) from public keys (addresses), leading to the collapse of Bitcoin’s security model.  

“Proof-of-Burnt-Offerings for an Indifferent Ergod, $ME”
CPRU x R&D Labs, The Necroprimitivist Manifesto Pt.1, 2021.

Proof-of-work is primarily a Sybil-resistance mechanism: preventing malicious actors from flooding the network with spam by making block creation costly. Proof-of-work resembles both a lottery due to its probabilistic nature, and a bingo game as the first valid candidate block to be accepted by the network is made canon and added to the timechain. This process famously requires enormous quantities of electricity and specialised equipment to participate in, incentivising participants with a mixture of protocol-determined subsidies / rewards as well as user-paid transaction fees. Due to the periodic difficulty adjustment of proof-of-work success probabilities, which keeps the rhythm of confirmed blocks steady as the network’s overall computational resource scales up and down, Bitcoin’s thirst for computational resources is insatiable by design. Furthermore, the protocol is insensitive to the environmental consequences of the externalities arising from the undesirable byproducts of proof-of-work, principally heat and e-waste. 

To invoke Lyotard vis-a-vis the question of alchemising computational power into other forms of power, a libidinal question can be posed: what does the Bitcoin network desire? One answer is security over time, which proof-of-work clinically reduces to a constant need for energy — as much as possible — with no discrimination as to the source. Proof-of-work may be thought of as a kind of ‘Google Death Drive’: a distributed system collating and archiving history, as it slowly poisons its external environment due to a mismatch of incentives inside and outside the network. The mechano-vampiric paradigm of proof-of-work is a growing threat to planetary ecology. The Faustian reality of proof-of-work is that Bitcoin exists in competition with natural life for the harvestable energy this side of the Sun, and it will continue to outbid nature as time and capital accumulate in its ledger.

51% Lyfe: Determinacy-As-A-Service

Cryptocurrencies employing Bitcoin-style proof-of-work are eternally contingent systems, as network participants can always expend more effort to rewrite the priorly canonical history. This is, in essence, determinacy-as-a-service: certainty comes at a price that only few can truly pay. The price must be paid in perpetuity, as an adversary can always raise their effective bid at any moment. In a twist on ‘technological determinism’, which can be traced back to McLuhan and Veblen, Bitcoin manifests technoindeterminism: there are no certainties on a timechain vulnerable to capital manipulation. Due to the rigid formalisms encoded by the protocol’s chain selection ruleset, the Bitcoin ledger is a collective technofinancial hallucination where capital and energy, applied over time, dictate reality. This is 51% Lyfe: the set of network rules that determine that the canonical timechain — and, thus, the latest network state including account balances — may be rewritten by any extant or emergent ‘tyranny of the thermodynamic majority’ in a process known as a ‘51% (or majority) attack’. This type of attack can occur when a nefarious entity manages to take control of the majority of mining power and is able to modify the order of transactions or reverse the transactions that they themselves have made, resulting in the spending the same digital coins twice, and the negation of Bitcoin’s primary value proposition. 

As new participants join a cryptocurrency network, they must find a way of discriminating the canonical ‘true’ timechain from all other permutations: be they honest but inferior timelines, or malicious histories seeded by adversarial actors. The way that Bitcoin achieves this is through a simple heuristic: the timeline with the most accumulated work is canon. There is a basis of justification for this. It is the simplest — and perhaps the only — way that such a network can be truly leaderless and trust-minimised. In the parlance of Meillassoux, Bitcoin is after finitude. Since there can only be one block with a particular height in a blockchain, should multiple candidates emerge, the prospect of a persistent network partition known as a (hard) fork can arise if subsets of the population of validating nodes do not overwhelmingly agree on the latest block. Such partitions may be short-lived, as in the case of stale blocks such as “orphans” and “uncles” which represent timelines discarded when the canonical chain builds upon another candidate block at the same height. In other cases, a fork can happen due to malicious behaviour, for example via a 51% attack. Forks — as scorched earth governance — provide a mechanism for exit-with-voice from a protocol regime: if some nodes change the parameters of what is accepted as a valid transaction, or a valid block, an incompatibility with other members of the network community manifests, and the network fragments will diverge into independent descendant networks. 

One can think of these schismatic network partitions that hard forks create as parallel timelines, as schizochronologies. Analogies with well-known literary and cinematic storylines involving time-travel are illustratively helpful, if not fully explanatory, but there are situations in which temporal violations such as replay attacks allow one timeline to affect another. Proponents of Bitcoin often say things like ‘Bitcoin is objective’, or ‘Bitcoin is truth’. This is not correct from a thermodynamic or information-theoretic perspective. Should a network participant (incumbent, or otherwise) arrive with sufficient energy and computational resources at their disposal, they may rewrite the history of the Bitcoin ledger at their leisure. One may speculate as to whether the protocol’s chain selection ruleset will maintain its ideological grip over the humans of Bitcoin in what would likely be seen as an unfair, force majeure circumstance. Alternatively, is the Bitcoin ledger — like most monetary systems past and present — merely a substrate for communal sense-making for historicity and record-keeping? There may be yet another juncture for network schisms in such an eventuality for a collective resolution over this tension between rules and norms.

There have been numerous examples of 51% attacks ‘in the wild’ on other cryptocurrencies; the Forkonomy project detailed and predicted many in 2018-9. Though the canonical Bitcoin network has not suffered one, numerous others have. I predicted in 2018 that the minority fork of Ethereum known as ETC — created during the schism resulting from the catastrophic failure of TheDAO in 2016 — would become increasingly susceptible to 51% attacks the longer that the hegemonic Ethereum network delayed its ‘2.0 upgrade’ away from proof-of-work. When the inevitable happened, this was no cause for joy; however it was certainly illuminating to be not only a fly on the wall, but an esteemed sage as a small community of smart contract libertarians surveyed the wreckage of their bombed-out network.

Time-Warp Attacks: Faking Time To Print Money

As mentioned earlier, Bitcoin cannot trustlessly access human clock-time, and therefore cannot verify the accuracy of miner-submitted timestamps. To mitigate, the network uses median-time-past (a trailing average of recent timestamps) to avoid significant discrepancies. There is a long-known theoretical vulnerability in Bitcoin — and Bitcoin-like systems also employing proof-of-work — which uses false timestamps to maliciously game the network. This has come to be known as a ‘time-warp attack’. Despite having never been knowingly observed on Bitcoin itself, examples of the attack have been observed elsewhere: on Bitcoin testnets, and on other proof-of-work cryptocurrencies. 

The attack starts with a miner submitting blocks with timestamps which are inaccurate, but still within network tolerance: the Bitcoin protocol allows submitted timestamps to deviate up to 120 minutes before rejecting a candidate block as invalid. False (early) timestamps can potentially affect the difficulty adjustment, increasing proof-of-work success probabilities for all mining participants. An attacker may potentially build an alternative chain with more accumulated work than the current one in private, only broadcasting found blocks when they are able to claim canonicity for their timeline. As the accumulated work would be lower on the time-warp chain than the honest chain at a given block height (chain length), the time-warp chain would have to be longer than the honest chain to claim canonicity, but the mining subsidy included in each block would offset much of the costs. On Bitcoin, a time-warp attack would also necessarily require 51% of the mining resource — also known as hashrate — which presents its own issues for the security of the network (see above). 

That this attack has not been observed in the wild on the Bitcoin network suggests that would-be exploiters — despite economic and/or ideological motivations — consider this strategy impractical, or unprofitable, compared to rational modes of mining. Any attempt to conduct a time-warp attack would be immediately apparent to those monitoring Bitcoin mining, either from studying inaccuracies in the timestamps themselves, or by noticing the divergence of median-time-past versus clock-time. Miners who do not wish to collude with such an attack can also take action, by refusing to build upon blocks with inaccurate timestamps. It is conceivable that users and economic stakeholders in the Bitcoin network might apply pressure to large mining constituencies (such as pool operators) to boycott suspected time-warp blocks.

Nevertheless, these behaviours have been documented on other networks. Firstly, Bitcoin testnet3 — which is a clone of the Bitcoin protocol network with valueless tokens intended for R&D purposes — uses the same SHA-256d proof-of-work algorithm as Bitcoin but has a very low network hashrate. As a result, an entity desiring a large quantity of testnet-Bitcoin tokens could direct hashrate to the network. This would ordinarily increase the difficulty, but, by using inaccurate timestamps, the difficulty can be kept low. There have been cases where a time-warp attack has incapacitated testnet3 until a rival miner provides sufficient computational resources to increase the network difficulty. Testnet3 also has some quirks related to mining difficulty which make it easier to game. More than one circumstance (such as a long period without blocks) allows miners to create a block with the lowest difficulty possible.

More salaciously, the small proof-of-work network Verge (formerly DogecoinDark) was subject to multiple time-warp attacks in early 2018. The exploit approach mirrored that outlined above, but with important additions that enabled them to conduct the exploit, claiming several million USD worth of XVG tokens at time of attack. The critical vulnerability resulted from additional complexity present in Verge relative to Bitcoin. Verge employed a mechanism intended to engineer ASIC-resistance — now considered a largely futile way to ensure that no specialised mining equipment can be created for a proof-of-work network — consisting of a naïvely-constructed sequence of five different hashing algorithms, each with their own difficulty parameter. As some of the five algorithms already had specialised mining hardware, the time-warp attacker focused their efforts on one algorithm in particular called Scrypt, effectively reducing the ‘51% condition’ to ~0.5-10% of the network hashrate. Further, Verge’s network difficulty adjusted rapidly: roughly every 30 minutes as compared to Bitcoin’s ~14 day window. This allowed the attack to commence quickly, allowing the perpetrators to cement total control over the network’s block creation for a period of time. The attacker achieved a difficulty reduction of 99.999999%, making it approximately one hundred million times easier to create blocks — mostly low difficulty and empty — and claim the mining rewards on many more blocks than would normally be found under typical network conditions. Lastly, due to further inheritance of code and characteristics from a legacy network (Peercoin) with a completely different architecture (proof-of-stake and slow blocks), Verge’s consensus mechanism determined the canonical timeline by chain length without discriminating for the amount of work accumulated. This meant that the timewarp attacker could enduringly maintain the canonicity of their timeline, despite much less work going into it than an honest miner’s rival timeline.

Such a sophisticated attack would only be possible to successfully carry out with a detailed and intimate knowledge of the inner workings of Verge’s proof-of-work mechanism. Therefore the attacker would either be presumed to be a network insider, a well-resourced proof-of-work expert, or both. The time-warp attacks on Verge were a striking example of durational inequality and proof-of-work’s perpetual contingency being leveraged in the wild, for the gain of a few and to the detriment of many.

Conclusion: An Infernal Return

Unfortunately (or fortunately), we are unable to chronicle the conclusion of this particular tale just yet, as Bitcoin’s temporal, thermodynamic, and determinate perversions render all confident proclamations suspect. However, there are some lessons to heed, predictions to be made, trajectories to note, and signs to be wary of.

Bitcoin’s arrow of time will maintain its inexorable continuation, monetary black hole that it is, sucking capital and energy into its ever-accreting centre of thermoeconomic gravity (a clockless arrow of time that points both ways). The indifference and repetition of proof-of-work will endure in the near term: Bitcoin’s economic security is largely assured until most of the final two million BTC are mined. Once the protocol-level ‘subsidy’ bribes are exhausted, it remains to be seen how the Bitcoin’s thermoeconomic mafia of proof-of-work shadow conglomerates will respond. Bitcoin is vulnerable at its margins, as technological paradigms and energy sources shift. Whether this is by means of ascendant modes of computation or incremental upgrades to hardware matters less than the fact that a shift occurs, in an inevitably heterogeneous manner. Entrenched polities will continue to exercise temporal privilege in various ways in the Bitcoin network, mostly by way of miners’ affordances in deciding the possible futures of the network’s ledger.

Bitcoin’s is contingent by design, and the risk of attacks permitted by the protocol will never be completely neutralised. Fittingly enough, despite being teenage software, the reference Bitcoin client (Bitcoin Core) is still beta software that has yet to move beyond v0.X nomenclature. The ability for factions to voice-through-exit from Bitcoin through forking will continue to embolden social engineers, legal trolls, and grifters to weaponise their messiah complexes. Would-be usurper forks of Bitcoin have little impact on the hegemonic timeline today, and are expected to have even less influence going forwards ceteris paribus.

Finally, I offer speculations around two possible endgames for Bitcoin’s thermocapital singularity: one is a blessed timeline where proof-of-work provides the necessary incentives to bootstrap Earth’s clean energy generation into a boundless — but incredibly unequal — post-scarcity future. One might think of this as a Childhood’s End timeline. The other is less rosy, insofar as Bitcoin would lock capital and ecology into a zero-sum game where resource scarcity tips the balance in favour of competition as opposed to cooperation, and machines become direct antagonists of nature. Perhaps this might be the Stalker/Roadside Picnic timeline, or a Bitlerian Jihad invoking Frank Herbert’s prehistory of Dune. In such a case, rather than being a new form of artificial life as zealots proclaim, Bitcoin appears more akin to anti-life, or even a form of ‘artificial death’. Bitcoin’s proof-of-work does not — and cannot — care about life, other than in its need for intelligent agents to continue to provide it with energy. For now, Bitcoin’s useful idiots are necroprimitivist humans, but someday non-human agents may meet all its needs and render humans superfluous: or as adversaries in need of destruction. Is Bitcoin a Nakamoto’s Basilisk, an Immaculate Misconception which is destined to kill all planetary life, or die trying? Remember the all-important fact about proof-of-work: it works, and works, and works, and works…

I’m grateful to William Kherbek for helpful feedback during the preparation of this article, and to Weird Economies team for publishing it. Huge thanks to Laura Cugusi for making it happen, and to Bahar Noorizadeh for patience and encouragement as it dawned upon me that it wasn’t possible to quickly write a simple article about this thorny topic.